conform
Pass
Audited by Gen Agent Trust Hub on Mar 28, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides instructions for using the conform CLI tool and integrates with well-known AI services, including local Ollama instances and Google Cloud Vertex AI.
- [PROMPT_INJECTION]: The skill's primary functionality involves processing untrusted, unstructured data (e.g., PDFs and text files) through AI models. This creates a potential surface for indirect prompt injection where malicious content within the processed files could attempt to influence the AI's extraction logic.
  - Ingestion points: External files (text, PDFs, CSVs) processed via the conform CLI command.
  - Boundary markers: The skill does not define explicit boundary markers in the instructions, although the tool uses JSON schemas to constrain the output space.
  - Capability inventory: Shell command execution for data extraction, pipelining with tools like jq and duckdb, and interaction with AI APIs.
  - Sanitization: Employs JSON schema validation to ensure the extracted output conforms to a pre-defined structure.
Audit Metadata